misc/78565: Default FreeBSD 5.3 named setup has problems resolving names due to IPv6 issues

Roy Badami roy at gnomon.org.uk
Mon Mar 7 22:10:07 GMT 2005 

>Number:         78565
>Category:       misc
>Synopsis:       Default FreeBSD 5.3 named setup has problems resolving names due to IPv6 issues
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 07 22:10:06 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Roy Badami
>Release:        5.3-RELEASE-p5
>Organization:
>Environment:
FreeBSD buffy.gnomon.org.uk 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #1: Sun Mar  6 20:19:33 UTC 2005 root at buffy.gnomon.org.uk:/usr/obj/usr/src/sys/BUFFY  i386
>Description:
The default FreeBSD 5.3 configuration brings up IPv6, though typically users won't be using it.  However the ethernet interfaces nonetheless have (link-local) IPv6 addresses.

It appears that under these circumstances BIND 9 has difficulty talking to nameservers that are IPv6-connected (ie have AAAA records).  I infer that it's probably trying to talk IPv6 to them, even though there is no suitable local IPv6 address to use.

As a result of the fact that many important DNS servers now have AAAA records (eg many of the root servers and many of the servers for .com) DNS resolution becomes very slow, as a singificant proportion of these servers become unreachable.

I don't know enough about IPv6 address selection to know whether this is a BIND bug or a bug in the IPv6 stack; this article on the OpenBSD list suggests it's a BIND bug, but gives no reference

http://archives.neohapsis.com/archives/openbsd/2004-11/0966.html

My concern is that this problem hits a default install of named on a non-IPv6-connected host, and makes name resolution horribly slow (verging on unusable).
>How-To-Repeat:
On a default FreeBSD 5.3 install, without disabling IPv6, but without actual IPv6 connectivity, run a caching name server.

Attempt to resolve names under .com

Observer that this often takes 5 seconds or longer.
>Fix:
Workaround is to add "-4" to named_flags.  

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list